I read somewhere online that there exists a Mailbox Delegate Access Policy as part of non mandatory ISO27001 policies, can you confirm this and give me it's clause number? Thanks
Assign topic to the user
ISO 27001 does not have any specific clause regarding delegating access to the mailbox (neither is such a policy common non-mandatory document). What you can do is develop an access control policy based on control A.9.1.1 and include its specific access rights for a delegated mailbox.
This article will provide you a further explanation about access control according to ISO 27001:
- How to handle access control according to ISO 27001 https://advisera.com/27001academy/blog/2015/07/27/how-to-handle-access-control-according-to-iso-27001/
Comment as guest or Sign in
Oct 31, 2020